Security News > 2022 > August > Week in review: Spot deep-faked job candidates, data exfiltration via bookmarks, Patch Tuesday forecast

Week in review: Spot deep-faked job candidates, data exfiltration via bookmarks, Patch Tuesday forecast
2022-08-07 08:42

Browser synchronization abuse: Bookmarks as a covert data exfiltration channelTwo universal and seemingly innocuous browser features - the ability to create bookmarks and browser synchronization - make users' lives easier, but may also allow hackers to establish a covert data exfiltration channel.

6 ways your cloud data security policies are slowing innovation - and how to avoid thatAs practically every organization shifts from managing their data in network-based data centers to storing it in the cloud, cloud data security policies are created to secure this data in a cloud environment.

VMware: Patch this critical vulnerability immediately!The security researcher who reported CVE-2022-31656 is planning to release a technical writeup and a POC "Soon".

MI-X: Open source project helps you understand whether you are exploitableIn this Help Net Security video, Ofri Ouzan, Security Researcher at Rezilion, talks about MI-X, an open source tool aimed at effectively determining whether a local host or a running container image is truly vulnerable to a specific vulnerability by accounting for all factors which affect actual exploitability.

Now is the time to focus on software supply chain security improvementsIn this Help Net Security video, Kevin Bocek, VP of Security Strategy and Threat Intelligence, Venafi, discusses how CIOs are becoming increasingly concerned about the serious business disruptions, revenue loss, data theft, and customer damage that can result from successful software supply chain attacks.

Machine learning creates a new attack surface requiring specialized defensesIn this interview for Help Net Security, Christopher Sestito, CEO of HiddenLayer, talks about machine learning security considerations, and the related threats organizations should be worried about.


News URL

https://www.helpnetsecurity.com/2022/08/07/week-in-review-spot-deep-faked-job-candidates-data-exfiltration-via-bookmarks-patch-tuesday-forecast/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-08-05 CVE-2022-31656 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.
network
low complexity
vmware
critical
9.8